Wireless Access

Reply
Frequent Contributor II
Posts: 123
Registered: ‎03-04-2011

Guest Network and Accessing Public Web Sites Hosted Internally

We have a guest network configured exactly as described in Aruba's literatire found here. It works great but when connected to it, we are unable to access any web site, hosted internally, that is available publically. 

 

Has anyone else come across this?

MVP
Posts: 978
Registered: ‎04-13-2009

Re: Guest Network and Accessing Public Web Sites Hosted Internally

[ Edited ]

EDIT: Oops I misread your post. 

 

I've seend this before. In the scenario I had the firewall didn't know how to route the guest traffic to the sites. Have you got the firewall setup to allow Guest --> External site IP --> Internal site IP --> External Site IP - Guest?

 

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Frequent Contributor II
Posts: 123
Registered: ‎03-04-2011

Re: Guest Network and Accessing Public Web Sites Hosted Internally

JAmes,

 

Thanks for the response. I have our guest network on the controller configured exactly as described in Aruba's documentation. What changes can I make to get this to work? I'm not sure if I understand what you mean.

MVP
Posts: 978
Registered: ‎04-13-2009

Re: Guest Network and Accessing Public Web Sites Hosted Internally

What exactly is happening?

Are the guest able to resolve the DNS name of your site? What does it resolve to (internal or external IP)?
Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Frequent Contributor II
Posts: 123
Registered: ‎03-04-2011

Re: Guest Network and Accessing Public Web Sites Hosted Internally

Guest users are not able to ping or access any of our external sites and IPs. They can access any Internet site except for the sites that exist internally alongside the controller. It seems as if the guest VLAN on the controller doesn't have access to the external IPs of our internal sites. It tries to resolve the external IPs, not internal, which I would assume is correct, but can't.

 

There are no specific rules on the controller's firewall that I can see that's restricting this.

MVP
Posts: 978
Registered: ‎04-13-2009

Re: Guest Network and Accessing Public Web Sites Hosted Internally

I'm confused by your response.

 

Can we clear this up...

 

  1. If you ping one of the websites external DNS names, does it resolve it to an IP address? 
  2. If yes for question 1. Does it resolve to the external IP address?
Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Frequent Contributor II
Posts: 123
Registered: ‎03-04-2011

Re: Guest Network and Accessing Public Web Sites Hosted Internally

Sorry for the confusion.

 

1. No. If I ping one of our external DNS names, it attempts to ping the external IP, not the intenal, but it's unable to contact it and times out.

MVP
Posts: 978
Registered: ‎04-13-2009

Re: Guest Network and Accessing Public Web Sites Hosted Internally

No worries.

 

Ok, so DNS is working and resolving to the correct IP addresses. I believe, the issue is likely going to be firewall related. Can you check your firewall to see if it's dropping/blocking this traffic?

 

I would try setting up a continuous ping to one of the sites then check the firewall for this traffic.

 

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Frequent Contributor II
Posts: 123
Registered: ‎03-04-2011

Re: Guest Network and Accessing Public Web Sites Hosted Internally

The firewall on the controller, our site's firewall, or both?

MVP
Posts: 978
Registered: ‎04-13-2009

Re: Guest Network and Accessing Public Web Sites Hosted Internally

Your site firewall. :)
Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Search Airheads
Showing results for 
Search instead for 
Did you mean: